Seafdav/Webdav brute force login attempts

So the UI is protected from brute force login attempts by the captcha. We can also setup fail2ban (The instructions are in the manual.)

As well, looks like the api is throttled (search “Provided seafile fail2ban sample just protects any UI brute force attemps but does not protect against API brute force attemps” in the forum)

However, it does not look like seafdav/webdav is throttled or protected in any way from brute force login attempts.

Is there any way to implement this? My seafdav/webdav sits behind an nginx reverse proxy, and unfortunately looking at the logs it doesn’t provide any useful information such as the real host ip.

This should work as a filter in fail2ban:

#filter.d/seafile-webdav.conf
[Definition]
failregex = -.* HTTP/1.1" 401.*
ignoreregex =
#author: datamate (www.datamate.org)

And this is the corresponding jail:

[seafile-webdav]
enabled = true
banaction = headshot
port = http,https
filter = tail seafile-webdav
logpath = /var/log/nginx/seafdav.access.log
#author: datamate (www.datamate.org)